<?php
namespace App\Security\Voters;
use App\Entity\Manufacturer;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
class ManufacturerVoter extends Voter
{
private Security $security;
public const CAN_EDIT_HOLIDAYS = 'manufacturer.holidays.edit';
private const ATTRIBUTES = [
self::CAN_EDIT_HOLIDAYS
];
public function __construct(Security $security)
{
$this->security = $security;
}
protected function supports($attribute, $subject): bool
{
return in_array($attribute, self::ATTRIBUTES);
}
protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
{
switch ($attribute) {
case self::CAN_EDIT_HOLIDAYS:
return $this->canUpdateHolidays($subject);
}
throw new \LogicException('Invalid attribute: '.$attribute);
}
private function canUpdateHolidays(?Manufacturer $manufacturer): bool
{
if ( !$this->security->getUser() ) {
return false;
}
if ( $this->security->isGranted('ROLE_LOGISTICS_MANAGER') || $this->security->isGranted('ROLE_MANUFACTURING_MANAGER') ) {
return true;
}
return false;
}
}